Volkswagen isn’t the only company that still relies on IE6. For example, in the automotive world, GM has also deployed IE6 enterprise wide across multiple continents and a source tells us that, while the company has undergone a massive IT restructuring over the past 4 years, IE6 is still the browser of choice.

Click to expand...

And I thought this ailment afflicted third world countries like mine

I wonder what form the restructuring will take (or has taken). More "secure" proprietary lock-in-to-my-browser-and-my-OS stuff?

If even a single one of their sites/products relies on it it's easier for them to just stick to it.

Click to expand...

It would also be stupidity or ignorance on their part. from the link vasa provided:

Hopefully VW just hasn’t updated this page in quite a few years, but then that also shows a major oversight on the part of the company’s web team. Why advertise IE6 as the go-to browser on a supplier-facing web page? It does nothing to reassure about the security of VW’s system.

Click to expand...

Hopefully it is because of an outdated page, because if it isn't they are either ignorant of the security vulnerabilities IE6 presents, or they are too cheap (too greedy) to pony up for the $$ to upgrade to IE8/9 web viewing compatibility.

And while compatibility mode might even be 100% it doesn't change the fact that they have to do a lot of testing.

You do not roll out huge updates without testing. Imagine if something broke? What then? You have to spend a whole lot more money either fixing it (if it's possible) and then deploying THAT update or you have to spend another bunch of money rolling out a downgrade and you're back where you started.

And while compatibility mode might even be 100% it doesn't change the fact that they have to do a lot of testing.

You do not roll out huge updates without testing. Imagine if something broke? What then? You have to spend a whole lot more money either fixing it (if it's possible) and then deploying THAT update or you have to spend another bunch of money rolling out a downgrade and you're back where you started.

Click to expand...

It's backup.

Of course they should, instead of consumers testing outdated stuff.

Disk image, the backup.

Hungry Man said:

If being hacked loses them 5 dollars and it would cost them 6 dollars to roll out the update they'll take the risk of being hacked.

Even if being hacked costs 20 dollars and rolling the update would cost 6 there's only the potential cost of a hack whereas a rolling update would always cost money.

Part of being IT is risk management/assessment. That can mean understanding costs.

Click to expand...

That's only short term, you forgot long term.

There is another factor, customer satisfaction. Imagine having an incompatible website for Windows Vista and above users.

It's really not nearly as relevant as their huge behind the scenes projects.

Sony was hacked twice and they lost some money giving away free games. I doubt too many people went around selling their PS3's over it and all-in-all the company probably didn't lose a hell of a lot. Sony's case is different because they could have easily secured their servers for far less cost.

In this case it's probably even less relevant. Offer the customers some deals or a free credit check (those cost about 10/month~) for the customers who do complain and they'll either end up spending the same amount or less.

Even if they did spend a bit more the potential loss is not as bad as the definite loss.

Companies do this all of the time. Upgrading costs money and risk assessment is a huge part of security administration.

lol I mean I know Citi bank uses WinXP Professional. I talked to their IT guy (I worked there for a while) and he explained some of the vulnerabilities. He said it just doesn't matter in the scheme of things - someone would have to exploit it to begin with and the losses they do see from this aren't anywhere near how much it would cost for each ATM to be updated as well as the costs of updating the ATM software.